Data loss is a growing risk managed file transfer can help
This presentation is the property of its rightful owner.
Sponsored Links
1 / 24

Data Loss Is a Growing Risk… Managed File Transfer Can Help PowerPoint PPT Presentation


  • 104 Views
  • Uploaded on
  • Presentation posted in: General

Data Loss Is a Growing Risk… Managed File Transfer Can Help. Tony Perri, CISSP Solutions Architect Ipswitch File Transfer. Data loss is a growing risk. Companies are collecting, storing, and transferring more and more data. Collecting Data:

Download Presentation

Data Loss Is a Growing Risk… Managed File Transfer Can Help

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Data loss is a growing risk managed file transfer can help

Data Loss Is a Growing Risk…Managed File Transfer Can Help

Tony Perri, CISSP

Solutions Architect

Ipswitch File Transfer


Data loss is a growing risk

Data loss is a growing risk

  • Companies are collecting, storing, and transferring more and more data.

    • Collecting Data:

      • How many times have you filled out a Web form with personal information such as your name, address, date of birth, phone number, credit card number, etc.

    • Storing Data:

      • This data is “king” for companies looking to better understand their customers and their markets, so this data is stored and subsequently analyzed.

    • Transferring Data:

      • The “pace” of business has increased, so data must be transferred quickly between internal and external people and systems.

www.IpswitchFT.com


Data is most vulnerable during transfer

Data is most vulnerable during transfer

  • Technology focus has been on minimizing the risk of data loss during collection and storage.

  • Technology for protecting data during transfer is available, but adoption is not keeping pace with the threats.

www.IpswitchFT.com


The information visibility problem

The Information Visibility Problem

  • Companies are failing to secure and manage the flow of sensitive information moving internally and externally:

    • 65 percent of companies surveyed have no visibility into files and data leaving their organizations.

    • 52 percent have no real visibility into internal file transfers.

    • Only 19 percent say they have complete visibility into files and data moving inside and outside their organization.

www.IpswitchFT.com


The external device problem

The External Device Problem

  • Increased reliance on external devices in the workplace is partly to blame:

    • More than 80 percent of IT executives admitted to using easily lost or stolen external devices like USB drives, smartphones and tablets to move and backup confidential work files.

    • 57 percent save work files to external devices at least once a week, a major security and compliance concern for businesses.

www.IpswitchFT.com


The email security problem

The Email Security Problem

  • More than 75 percent of IT executives surveyed send classified files and information via email attachments.

    • 26 percent of employees use personal email instead of work accounts to mask file transfer activity from management.

www.IpswitchFT.com


The policy and tool enforcement problem

The Policy and Tool Enforcement Problem

  • Creating policies and providing tools simply isn’t enough…. It’s the enforcement of that policy and tool that is the critical step.

    • 55 percent said their companies provide – but do not enforce – policies and tools around sharing sensitive information

www.IpswitchFT.com


Wikileaks fails to drive preventive it action

WikiLeaks Fails to Drive Preventive IT Action

  • In wake of one of the most revealing breaches in U.S. history, most companies are not taking the risks of losing business-critical information seriously.

    • 43 percent of companies ignored the business implications of WikiLeaks altogether.

    • Only 16 percent of companies implemented new policies and tools to protect against similar breaches.

    • Slightly less than 30 percent of companies discussed the implications with employees, but made no major changes to the way information is shared or protected.

www.IpswitchFT.com


2011 information technology priorities

2011 Information Technology Priorities

  • While many companies are still struggling to protect business-critical information, executives say that they’re making it a priority for 2011. Of the IT executives surveyed at the 2011 RSA Conference:

    • 40 percent ranked protecting sensitive information as a top priority in 2011.

    • 25 percent said securing cloud computing is important.

    • 20 percent said that managing the flow of information internally and externally is critical.

www.IpswitchFT.com


Employees will do what is necessary

Employees will do what is necessary

  • Employees have proven that they will do whatever it takes to get their job done, with or without IT.

  • Employees whose job requires them to send information to other people such as co-workers, partners, vendors or customers have thousands of options at their disposal.

    • Personal email account

    • USB drive

    • Social media site

    • CD/DVD’s sent via courier

www.IpswitchFT.com


Risk is to the business

Risk is to the Business

  • File transfer supports core business processes

    • Ordering, claims processing, supply chain management, health care, financial transactions.

  • Data loss means

    • Orders don’t ship, claims don’t get processed, supplies don’t arrive, health care records are unavailable, and financial debits/credits don’t occur.

  • Compliance Threatened

www.IpswitchFT.com


Costs to the business

Costs to the Business

  • Data loss incurs additional costs:

    • Average total per-incident costs in 2008 were $6.65 million

    • Average cost per data record in 2008 was $202

      2008 Annual Study: Cost of a Data Breach, Ponemon Institute 20 February 2009

  • Lost Revenue

  • Penalties

  • Damaged reputation

www.IpswitchFT.com


It needs

IT Needs…

  • IT needs solutions to:

    • Enable person-to-person, person-to-system and system-to-system file transfers

    • Create and enforce policies and rules that manage those file transfers

    • Encrypt transfers

    • Provide visibility into all data interactions

    • Enable compliance

www.IpswitchFT.com


Mft capabilities

MFT Capabilities

  • Protocols

    • FTP, FTPS, SFTP, HTTP, HTTPS, AS1/2/3

  • Encryption

    • SSL/TLS, SSH, AES, PGP, S/MIME, PKI, SHA

    • Provide Confidentiality and Integrity

  • Access Control

    • Control who has access to what data

    • Least-Privileged

  • Auditing, Logging and Reporting

    • Track every activity associated with transferring a file

  • Automation, scheduling, workflow

    • Provide Availability

www.IpswitchFT.com


The three things that matter most

The Three Things That Matter Most


Visibility

Visibility

1. Provide visibility into all file and data transfer interactions, including files, events, people, policies & processes

www.IpswitchFT.com


Management

Management

2. Manage, provision, and automate all file interactions, both internal and external to the company, organization or domain

www.IpswitchFT.com


Enforcement

Enforcement

3.Create and enforce administrator defined policies & rules

  • Server access rules

  • Security policies

  • Password policy

  • IP and user lockout rules

  • File extension rules

  • Domain rules

  • Encryption policy

  • Delivery notification rules

  • File size limitations

  • File expiration rules

  • Max server bandwidth (# files, storage space)

  • Max number of files that can be sent at a time

  • Max # of downloads

  • Multi-factor authentication

  • Guaranteed delivery

  • File Integrity

  • Non-repudiation

www.IpswitchFT.com


Real world business problems

Real World Business Problems

  • Needs

  • Challenges

www.IpswitchFT.com


Two frequent scenarios

Two frequent scenarios

  • Regularly scheduled reoccurring transfers

    • Replace legacy or home-grown systems

  • Ad-Hoc person-to-person interactions

    • Send large or large sensitive data

www.IpswitchFT.com


Classic bulk data transfer

Classic “bulk data transfer”

  • Used by Financial, Insurance and Health Care for years

  • Primarily B2B (not transactions)

  • Legacy Data Comm, FTP, MFT

  • Regularly scheduled, re-occurring transfers

  • Highly structured

  • Need

    • Encryption

    • Efficient on-boarding of partners and users

    • Policy Enforcement

    • Auditing and Reporting

    • Scheduling

    • SLA Monitoring

    • Sustainable key managment

    • Flexible deployment options (on-premises, hosted, hybrid)

www.IpswitchFT.com


Ad hoc transfers

Ad-Hoc Transfers

  • One-time or short-duration interactions between internal users and external customers, partners, clients, etc.

  • Examples

    • Marketing needs to send large image files to a contractor

    • Software vendor needs to send a patch to a specific customer

  • Sometimes a replacement for anonymous ftp

  • Bi-directional

    • Mortgage originator needs sensitive financial information from an applicant

www.IpswitchFT.com


Ad hoc transfers1

Ad-Hoc Transfers

  • Need

    • Encryption

    • Self-service user provisioning

    • Client-less access for internal and external users

    • TTL and Max Download policies

    • Auditing and Logging

    • Appropriate file size limits (or no limits)

    • Archival for e-Discovery purposes.

    • Flexible deployment options (on-premises, hosted, SaaS)

www.IpswitchFT.com


Data loss is a growing risk managed file transfer can help

Q&A

For more information about Ipswitch File Transfer’s

solutions, call 608-824-3600 or email

[email protected]

www.IpswitchFT.com


  • Login